Glossary

NIST AI RMF

The NIST AI Risk Management Framework (AI RMF 1.0, NIST.AI.100-1) is a voluntary US framework for managing AI risks. It is organised around four functions - Govern, Map, Measure, and Manage - and is the de-facto reference in US federal procurement and enterprise RFPs, even though it carries no legal force of its own.

The four functions

Govern - cultivate a culture of AI risk management across the organisation.
Map - establish the context and identify risks for each AI system.
Measure - analyse, assess, and track identified risks.
Manage - prioritise and act on risks to minimise harm.

Why SMBs care

NIST AI RMF alignment is frequently asked for in US enterprise and federal procurement. Because ComplyAgent carries your EU AI Act classification across to the NIST functions automatically, answering a NIST-based RFP becomes a by-product of the work you already did.

Last reviewed June 2026 by the ComplyAgent team.

See also our EU AI Act compliance guide, ISO/IEC 42001 and NIST AI RMF, or browse the full glossary.